Users of public and private networks use software such as web browsers to request and obtain resources from remote computing systems such as webpages, pictures, videos, and documents. These resources are generally identified using Uniform Resource Identifiers (URIs) to identify resources. In many cases, network administrators managing a network for an organization find that much of the bandwidth on the organization's private networks is consumed delivering resources that are not relevant to the organization. Administrators sometimes find basic administrative tasks, such as backing up a large database, are hampered by lack of available bandwidth. In some cases, it can be helpful for administrators to selectively block access to certain websites such as YouTube, Vimeo, Facebook, and others which are frequented by the organization's users. One way to accomplish this is to “black hole” or “sinkhole” requests to these domains by configuring network security devices such as firewalls to simply discard any network traffic requesting resources from one of these domains.
However, this may have the unfortunate side effect of blocking access to resources the organization wants its users to have access to (e.g. training videos, videos showing competitor products, results of demonstrations, etc.). Categorizing and/or “sink holing” traffic based on largely static portions of the URI (such as the host or domain) components and ignoring potentially dynamic portions of the URI may mean that large portions of potentially important content will be excluded when it should not be.